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DETAILED ACTION 



Claim Rejections - 35 USC § 103 



1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-37 rejected under 35 U.S.C. 103(a) as being unpatentable over Devine 
et al., US Patent Application No 09/159514 (hereafter referred to as '514) in view of 
Lagarde et al., US Patent No 5745754 (hereafter referred to as 754). 

As to claim 1 : 

3. l 514 teaches a security system for controlling access to a web site comprising: 

• A security module for controlling access to web pages / Back end services to 
provide applications that establish user sessions, govern user authentication and 
their entitlements (Page 3, Paragraph 0051, '514), "Back-end Services" (Fig 1, 
'514) 

• An external web server for servicing requests for web pages from the external 
network/ Web Server (Fig 1, Element 24, '514) 

• A site firewall for receiving requests for web pages from the external network and 
forwarding / Firewall (Fig 1, between elements 15 and 24, '514) 
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• A security firewall for receiving a security request from external web server / web 
server decrypts and verifies the user session, then forwards the message 
through a firewall (Page 5, Paragraph 0067, '514) 

4. '514 further teaches the use of internal servers to supplement the web server and 
for internal servers to utilize the back end services/security module. '514 does not 
teach the use of internal clients accessing an internal web server. 754 teaches a 
network arrangement with internal/external web servers, internal/external clients, and 
firewall mechanisms. It would have been obvious to a person of ordinary skill in the art 
at the time of invention to modify '514 to use internal network clients and servers as in 
754, and to utilize the existing relationship between the internal servers and back end 
services/security module. One of ordinary skill in the art would have been motivated to 
invention to modify '514 to use internal network clients and servers as in 754, and to 
utilize the existing relationship between the internal servers and back end 
services/security module because it is helpful for internal machines to have the ability to 
request resources from the web server without the performance penalties of access 
through a firewall. 

5. As to claims 2 and 3: 

Legitimate request for a web page is an HTTP/HTTPs request / the present invention is 
implemented with a secure version of HTTP, such as HTTPS (Page 5, Paragraph 066, 
Line 16, '514) 
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6. As to claim 4: 

The security system of claim 1 wherein the external network is the Internet / Internet 
(Fig 1, Element 15, '514) 

7. As to claim 5: 

External and Internal web servers include a module for interfacing to the security 
module / Back end services provide applications ... that communicate with adaptor 
programs (Page 3, Paragraph 0055, '514) 

8. As to claim 6: 

'514 as modified above teaches a security system for controlling access to a web site 
including internal and external servers. '514 does not teach for the internal servers and 
external servers to implement the same web site. 754 teaches the capability of 
accessing 131 and 131' for similar functionality (Col 19, Line 10, 754), but does not 
specifically state that the servers should implement the same web pages. The 
examiner takes official notice as to implementing the same web pages on both internal 
and external servers. It would have been obvious to a person of ordinary skill in the art 
at the time of invention to implement the same web pages on both internal and external 
servers. One of ordinary skill in the art would have been motivated to implement the 
same web pages on both internal and external servers because it is very commonly 
known that web servers are capable of storing arbitrary web pages and many 
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technologies exist for web site redundancy. Examples include co-location and server 
backup sites. 

9. As to claim 7: 

Security module provides authentication services / Back end services to provide 
applications that establish user sessions, govern user authentication (Page 3, 
Paragraph 0051, '514) 

10. As to claim 8: 

Security module provides authorization services / Back end services to provide 
applications that establish user sessions, govern user authentication and their 
entitlements (Page 3, Paragraph 0051, '514) 

11. As to claim 9: 

Security request is received by the security firewall through a designated IP address 
and port number / a subscriber connects to the web site by entering the appropriate 
URL a secure TCP/IP communications link is established (Page 13, Paragraph 0141, 
'514), IP address and port number connectivity are inherent to TCP/IP 

12. As to claim 10: 

'514 teaches a security system for controlling access to a web site comprising: 
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• Receiving requests to access resources / Customer requested data (Page 3, 
Paragraph 0050, '514) 

• When access is approved, granting access to requested resource / Back end 
services to provide applications that establish user sessions, govern user 
authentication and their entitlements (Page 3, Paragraph 0051, '514), "Back-end 
Services" (Fig 1, '514) 

13. '514 further teaches the use of internal servers to supplement the web server and 
for internal servers to utilize the back end services/security module. '514 does not 
teach the use of internal clients accessing an internal web server. 754 teaches a 
network arrangement with internal/external web servers, internal/external clients, and 
firewall mechanisms. It would have been obvious to a person of ordinary skill in the art 
at the time of invention to modify '514 to use internal network clients and servers as in 
754, and to utilize the existing relationship between the internal servers and back end 
services/security module. One of ordinary skill in the art would have been motivated to 
invention to modify '514 to use internal network clients and servers as in 754, and to 
utilize the existing relationship between the internal servers and back end 
services/security module because it is helpful for internal machines to have the ability to 
request resources from the web server without the performance penalties of access 
through a firewall. 



14. As to claim 11: 
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Where the requests from external network are passed through a firewall / Firewall (Fig 
1, between elements 15 and 24, '514) 

A security firewall for receiving a security request from external web server before being 
processed by security module / web server decrypts and verifies the user session, then 
forwards the message through a firewall (Page 5, Paragraph 0067, '514), (Fig 1, 
Element 16, '514) 

15. As to claim 12: 

Requests received from the internal network are not passed though a site firewall or 
security firewall / Inherent to the invention of '514 as modified above (Fig 1, '514) 

16. As to claim 13: 

Requests received from the external network and requests received from the internal 
network are processed by different servers / Inherent to the internal/external server 
configuration for the invention of '514 as modified above 

17. As to claim 14: 

Where servers are web servers / Web servers (Fig 1 , Element 24, '514) 

18. As to claim 15: 

Where server are web server / Web servers (Fig 1 , Element 24, '514) 
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19. As to claim 16: 

Resources are web pages / Web servers (Fig 1, Element 24, '514) 

20. As to claim 17: 

External network is the Internet / Internet (Fig 1, Element 15, '51 4) 

21. As to claims 18 and 19: 

Security module provides authentication/authorization services / Back end services to 
provide applications that establish user sessions, govern user authentication and their 
entitlements (Page 3, Paragraph 0051, '514), "Back-end Services" (Fig 1, '514) 

22. As to claims 20-28 and 29-37: 

Claims 20-28 and 29-37 correspond to claims 1-9 

Conclusion 

23. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jonathan R Adams whose telephone number is (703) 
305-8894. The examiner can normally be reached on Monday - Friday from 10am to 
6pm. 
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24. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached on (703) 308-4789. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 
Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-3900. 
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